Cloud Computing Security - Dissertation Example

ID # Cloud Computing Security Cloud computing is an attractive information technology (IT) trend which ensures the implementation of the utility computing model broadly using Virtualization technologies. Keeping in mind the numerous advantages of cloud computing, an increasing number of business organizations have begun offering and making use of cloud-enabled architectures and services to support their business operations. On the other hand, the advancement of cloud computing has also created a wide variety of new challenges to existing techniques and approaches to build up and change software intensive systems (Babar and Chauhan; Meng, Wang, Hu, and Li). In addition, many researchers have discussed different challenges and issues that organizations face while using cloud computing. In this scenario, Hamlen, Kantarcioglu and Khan discuss a wide variety of security problems in a cloud computing environment. Additionally, these security issues include data security, physical security, middleware safety, network security and application security. The basic purpose of using cloud computing is to allow another organization (cloud service provider) to effectively store and manage data that cannot be managed by the owner of the data (Hamlen, Kantarcioglu, Khan, and Thuraisingham). Moreover, at present, the use of cloud computing has turned into an attractive trend. In fact, a lot of business organizations use clouds to manage their business operations. As discussed above, there are several security issues associated with cloud computing. The purpose of this paper is to outline some of the important security aspects which are discussed in other researches. Cloud Computing Concerns Cloud computing is the latest IT trend that a lot of business organizations are adopting due to its environmental aspects, money savings, mobility, scalability and energy effectiveness. In fact, the cloud computing facilitates business organizations or individuals to access all their important applications, tools and files from anyplace on the earth, thus releasing them from the restrictions and limitations of the desktop and allowing wide-ranging group partnership (Modavi; Miller). Without a doubt, security and privacy issues are one of the major cloud computer concerns. The idea of handing over significant data to some other corporation decreases the confidence of a lot of organizations and individuals. In this scenario, business executives might be uncertain to take benefit of a cloud computing system for the reason that they cannot keep their company’s data and information under lock and control (Strickland; Tchifilionova). In addition, there is a serious need for securely managing, storing, analyzing and sharing massive amounts of complex (for example, unstructured and semi-structured) data to decide patterns and trends in an attempt to develop the value of healthcare, improved security of the nation and discover optional energy. Due to the serious nature of these applications, it is significant that clouds are made protected. In this scenario, main security issue and challenge with clouds is that the owner of the data cannot have control over their data for instance; they would be unaware of the location of data and what mechanism is being used to store their data. This is important for the reason that if one desires to exploit the advantages of utilizing cloud computing, one has to as well make use of the resource allocation and scheduling offered by clouds. Consequently, they require securing the information and data in the middle of un-trusted procedures (Hamlen, Kantarcioglu and Khan; Bisong and Rahman; Rittinghouse and Ransome). There are many privacy and security problems and issues with cloud computing as they are composed of a lot of techniques and technologies comprising databases, networks, Virtualization, operating systems, transaction administration, resource scheduling, concurrency management, load balancing and memory management. Hence, the security concerns for the most of these systems and technologies are valid to cloud computing. For instance, the network that is used to connect the systems in a cloud has to be protected. In addition, virtualization model in cloud computing results in numerous security fears. In this scenario, it is essential that the mapping of virtual systems to the physical systems has to be performed securely. Additionally, the data security engages encrypting the information and data and makes sure that suitable strategies are imposed for data sharing. In the same way, resources sharing and memory management algorithms have to be securely implemented. Moreover, some data mining techniques can also be implemented for malware detection in clouds. In this scenario, there is extensive need for extending the technologies and concepts we have built in secure grid to a protected cloud (Hamlen, Kantarcioglu and Khan; Bisong and Rahman; Rittinghouse and Ransome). Basics Security Issues There are many security and privacy related issues that organizations and users can face while using cloud computing services. In view of the fact that the cloud security related issues and threats come in different sizes and forms, hence, it is asked from specialists to analyze them on what they observe as the major danger to cloud security. The response from the specialists varies from situation to situation; however, in many cases cloud security threats can be addressed. In this scenario, one of the major security issues in the cloud computing is an application layer distributed DOS (denial of service) attack. These security attacks intimidate the extremely accessibility of cloud arrangement itself. If a cloud service is not even available, all other security actions, from protecting access to authentication, are of no use whatsoever (Burns; Jansen; Bruening and Treacy). In addition, network and technology hackers have discovered and are actively exploiting flaws existing in cloud defenses, making use of cheap, simply available tools to launch application-layer based security attacks. In this scenario, a main cause they have been successful is that corporation data center because cloud operators are not effectively equipped to defend beside them. Given below are some of the well-known security issues that can minimize the effectiveness of cloud computing (Burns; Jansen; Bruening and Treacy). Denial of Service (DoS) attacks Loss of confidential data Managing complexity and risk Downtime due to a cloud outage Employee ‘personal clouds’ Lack of visibility Changes in governance and operations security Easy access to cloud resources Current Issue in Cloud Computing This section outlines some of the recent security and privacy threats in the cloud computing arrangement. These security issues are becoming more and more serious and causing serious damages to working and operational environment. Insecure Interfaces and APIs Cloud computing services are provided through a wide variety of user interfaces which are known as application programming interfaces (APIs). A user who wants to access and use a cloud service must interact with the cloud using an interface. Thus, the security of a cloud service heavily depends on the security of these APIs. In addition, from confirmation and access control to encryption and activity assessment, these interfaces have to be designed to protect beside together malicious and accidental attempts to avoid a policy (Cloud Security Alliance). Malicious Insiders The risk of malicious insiders is augmented for clients of cloud services due to union of IT services and clients under a particular management area. For instance, a service provider cannot disclose how it grants workers’ access to physical as well as virtual assets, how it checks these people, or how it examines and reports on policy fulfillment. This type of condition evidently produces an attractive chance for an opposition, series from the hobbyist hacker, to prepared crime, to business espionage, or yet nation-state support intrusion. The level of access could be beneficial to an opponent for getting access to private data or get complete control over the cloud management and services with a minimum or no risk of detection (Cloud Security Alliance). Data Loss or Leakage In a cloud computing environment, quality of data and information can be compromised due to a lot of reasons. In this scenario, modification or deletion of records without a backup of the real information and data can be a very good example. In the same way, loss of an encoding key can result in considerable data destruction. In addition, unauthorized people have to be prevented from getting access to sensitive data (Cloud Security Alliance). Conclusion This paper has discussed some of the important issues that business organizations and individuals face with cloud computing. Cloud computing is an attractive IT trend which ensures the implementation of the utility computing model broadly using virtualization technologies. Seeing the numerous advantages and opportunities offered by the cloud computing, an increasing number of business organizations have begun offering and making use of cloud-enabled architectures and services to support their business operations. At present, the use of cloud computing has turned into an attractive trend. In fact, a lot of business organizations nowadays use clouds to manage their business operations. There are numerous security issues associated with cloud computing. Without a doubt, security and privacy issues are one of the major cloud computer concerns. The idea of handing over significant data to some other corporation decreases the confidence of a lot of organizations and individuals. There are many privacy and security problems and issues with cloud computing as it is composed of a lot of techniques and technologies comprising databases, networks, virtualization, operating systems, transaction administration, resource scheduling, concurrency management, load balancing and memory management. Undoubtedly, cloud computing is a wonderful trend, but it can be made more effective and efficient by improving security. Works Cited Babar, M. Ali, and Muhammad Aufeef Chauhan. “A tale of migration to cloud computing for sharing experiences and observations.” SECLOUD 11 Proceedings of the 2nd International Workshop on Software Engineering for Cloud Computing. New York: ACM, 2011, pp. 50-56. Print. Bisong, Anthony, and Syed (Shawon) M. Rahman. “AN OVERVIEW OF THE SECURITY CONCERNS IN ENTERPRISE CLOUD COMPUTING.” International Journal of Network Security & Its Applications (IJNSA), Volume 3 Issue 1 (2011), pp. 30-45. Print. Bruening, Paula J., and Bridget C. Treacy. Privacy, Security Issues Raised by Cloud Computing. 03 September 2009. Web. 16 April 2012. . Burns, Christine. Cloud security threats, as explained by the experts. 12 October 2011. 17 April 2012 . Cloud Security Alliance. Top Threats to Cloud Computing V1.0. 2010. Web. 16 April 2012. . Hamlen, Kevin, et al. “Security Issues for Cloud Computing.” International Journal of Information Security and Privacy, Volume 4 Issue 2, (2010), pp 39-51. Print. Jansen, Wayne A. Cloud Hooks: Security and Privacy Issues in Cloud Computing. 2011. Web. 10 April 2012. . Meng, Fanqi, et al. “Research of the application of cloud computing theory in emergent material support.” ICCC ‘11 Proceedings of the 2011 International Conference on Innovative Computing and Cloud Computing. New York: ACM, 2011, pp. 50-53. Print. Miller, Michael. Cloud Computing Pros and Cons for End Users. 13 February 2009. Web. 03 April 2011. . Modavi, Jace. The Advantages and Challenges of Cloud Computing Technology. 18 October 2010. Web. 02 April 2011 . Rittinghouse, John, and James Ransome. Cloud Computing: Implementation, Management, and Security. 1st. Boca Raton, FL, USA: CRC Press, Inc., 2009. Print. Strickland, Jonathan. How Cloud Computing Works. 2012. Web. 14 April 2012. . Tchifilionova, Vassilka. “Security and privacy implications of cloud computing: lost in the cloud.” iNetSec’10 Proceedings of the 2010 IFIP WG 11.4 international conference on Open research problems in network security. Springer-Verlag Berlin, Heidelberg, 2011, pp. 149-158. Print. Read More